Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fG9FIyhUiwBngL8gIJyJp614Xfk.roa
File:                     fG9FIyhUiwBngL8gIJyJp614Xfk.roa (raw, json)
Hash identifier:          wRN9FOhcAvM6ZMiII2hmOl3gtOnhya2t9NRs9akieRc=
Subject key identifier:   7C:6F:45:23:28:54:8B:00:67:80:BF:20:20:9C:89:A7:AD:78:5D:F9
Certificate issuer:       /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial:       0198D57B01D12EBD01CA039B072B395E5784
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fG9FIyhUiwBngL8gIJyJp614Xfk.roa
Signing time:             Sat 23 Aug 2025 05:51:05 +0000
ROA not before:           Sat 23 Aug 2025 05:51:05 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     834
IP address blocks:        37.202.193.0/24 maxlen: 24
                          37.202.203.0/24 maxlen: 24
                          37.202.212.0/23 maxlen: 24
                          151.240.2.0/24 maxlen: 24
                          151.240.16.0/24 maxlen: 24
                          151.240.24.0/24 maxlen: 24
                          151.240.25.0/24 maxlen: 24
                          151.240.26.0/24 maxlen: 24
                          151.240.27.0/24 maxlen: 24
                          151.240.30.0/24 maxlen: 24
                          151.240.82.0/24 maxlen: 24
                          151.240.89.0/24 maxlen: 24
                          151.240.112.0/23 maxlen: 24
                          151.240.114.0/23 maxlen: 24
                          151.240.116.0/23 maxlen: 24
                          151.240.120.0/23 maxlen: 24
                          151.240.124.0/23 maxlen: 24
                          151.240.145.0/24 maxlen: 24
                          151.240.152.0/24 maxlen: 24
                          151.240.153.0/24 maxlen: 24
                          151.240.158.0/24 maxlen: 24
                          151.240.161.0/24 maxlen: 24
                          151.240.163.0/24 maxlen: 24
                          151.240.173.0/24 maxlen: 24
                          151.240.179.0/24 maxlen: 24
                          151.240.228.0/24 maxlen: 24
                          151.240.231.0/24 maxlen: 24
                          151.240.232.0/24 maxlen: 24
                          151.240.239.0/24 maxlen: 24
                          151.240.241.0/24 maxlen: 24
                          151.240.242.0/24 maxlen: 24
                          151.240.247.0/24 maxlen: 24
                          151.240.249.0/24 maxlen: 24
                          151.240.250.0/24 maxlen: 24
                          151.241.0.0/17 maxlen: 24
                          151.241.4.0/24 maxlen: 24
                          151.241.7.0/24 maxlen: 24
                          151.241.15.0/24 maxlen: 24
                          151.241.25.0/24 maxlen: 24
                          151.241.27.0/24 maxlen: 24
                          151.241.32.0/24 maxlen: 24
                          151.241.33.0/24 maxlen: 24
                          151.241.35.0/24 maxlen: 24
                          151.241.36.0/24 maxlen: 24
                          151.241.37.0/24 maxlen: 24
                          151.241.39.0/24 maxlen: 24
                          151.241.40.0/24 maxlen: 24
                          151.241.41.0/24 maxlen: 24
                          151.241.50.0/24 maxlen: 24
                          151.241.64.0/18 maxlen: 24
                          151.241.65.0/24 maxlen: 24
                          151.241.74.0/23 maxlen: 24
                          151.241.96.0/20 maxlen: 24
                          151.241.117.0/24 maxlen: 24
                          151.241.128.0/17 maxlen: 24
                          151.241.224.0/19 maxlen: 24
                          151.242.19.0/24 maxlen: 24
                          151.242.52.0/22 maxlen: 24
                          151.242.114.0/24 maxlen: 24
                          151.242.122.0/24 maxlen: 24
                          151.242.126.0/24 maxlen: 24
                          151.242.133.0/24 maxlen: 24
                          151.242.136.0/23 maxlen: 24
                          151.242.144.0/23 maxlen: 24
                          151.242.164.0/23 maxlen: 24
                          151.242.168.0/23 maxlen: 24
                          151.242.192.0/20 maxlen: 24
                          151.242.200.0/22 maxlen: 22
                          151.242.204.0/22 maxlen: 24
                          151.242.206.0/24 maxlen: 24
                          151.242.224.0/22 maxlen: 24
                          151.242.252.0/23 maxlen: 24
                          151.242.252.0/24 maxlen: 24
                          151.243.16.0/20 maxlen: 20
                          151.243.18.0/23 maxlen: 24
                          151.243.26.0/24 maxlen: 24
                          151.243.28.0/22 maxlen: 24
                          151.243.44.0/22 maxlen: 24
                          151.243.99.0/24 maxlen: 24
                          151.243.100.0/22 maxlen: 24
                          151.243.108.0/23 maxlen: 24
                          151.243.113.0/24 maxlen: 24
                          151.243.123.0/24 maxlen: 24
                          151.243.136.0/22 maxlen: 22
                          151.243.152.0/22 maxlen: 24
                          151.243.156.0/24 maxlen: 24
                          151.243.157.0/24 maxlen: 24
                          151.243.158.0/24 maxlen: 24
                          151.243.171.0/24 maxlen: 24
                          151.243.173.0/24 maxlen: 24
                          151.243.175.0/24 maxlen: 24
                          151.243.200.0/24 maxlen: 24
                          151.243.204.0/22 maxlen: 24
                          151.243.206.0/23 maxlen: 24
                          151.243.212.0/23 maxlen: 24
                          151.243.220.0/24 maxlen: 24
                          151.243.223.0/24 maxlen: 24
                          151.243.226.0/24 maxlen: 24
                          151.243.230.0/23 maxlen: 24
                          151.243.237.0/24 maxlen: 24
                          151.243.239.0/24 maxlen: 24
                          151.243.243.0/24 maxlen: 24
                          151.243.247.0/24 maxlen: 24
                          151.243.248.0/22 maxlen: 24
                          151.243.252.0/23 maxlen: 24
                          151.244.14.0/24 maxlen: 24
                          151.244.42.0/24 maxlen: 24
                          151.244.44.0/24 maxlen: 24
                          151.244.46.0/24 maxlen: 24
                          151.244.50.0/24 maxlen: 24
                          151.244.70.0/24 maxlen: 24
                          151.244.85.0/24 maxlen: 24
                          151.244.88.0/24 maxlen: 24
                          151.244.103.0/24 maxlen: 24
                          151.244.109.0/24 maxlen: 24
                          151.244.119.0/24 maxlen: 24
                          151.244.120.0/24 maxlen: 24
                          151.244.121.0/24 maxlen: 24
                          151.244.122.0/24 maxlen: 24
                          151.244.126.0/24 maxlen: 24
                          151.244.128.0/18 maxlen: 24
                          151.244.164.0/22 maxlen: 22
                          151.244.168.0/22 maxlen: 22
                          151.244.213.0/24 maxlen: 24
                          151.244.214.0/24 maxlen: 24
                          151.244.215.0/24 maxlen: 24
                          151.244.216.0/22 maxlen: 24
                          151.244.232.0/22 maxlen: 24
                          151.244.236.0/23 maxlen: 24
                          151.244.242.0/23 maxlen: 24
                          151.244.244.0/23 maxlen: 24
                          151.244.246.0/23 maxlen: 24
                          151.244.250.0/23 maxlen: 24
                          151.244.252.0/22 maxlen: 24
                          151.245.0.0/17 maxlen: 24
                          151.245.1.0/24 maxlen: 24
                          151.245.3.0/24 maxlen: 24
                          151.245.24.0/23 maxlen: 24
                          151.245.28.0/23 maxlen: 24
                          151.245.60.0/22 maxlen: 24
                          151.245.88.0/22 maxlen: 24
                          151.245.116.0/22 maxlen: 24
                          151.245.128.0/17 maxlen: 24
                          151.245.128.0/24 maxlen: 24
                          151.245.133.0/24 maxlen: 24
                          151.245.160.0/21 maxlen: 24
                          151.245.176.0/21 maxlen: 24
                          151.245.216.0/21 maxlen: 24
                          151.245.224.0/21 maxlen: 24
                          151.245.248.0/21 maxlen: 24
                          151.246.0.0/17 maxlen: 24
                          151.246.127.0/24 maxlen: 24
                          151.246.128.0/17 maxlen: 24
                          151.246.191.0/24 maxlen: 24
                          151.247.0.0/17 maxlen: 24
                          151.247.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:7b:01:d1:2e:bd:01:ca:03:9b:07:2b:39:5e:57:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
        Validity
            Not Before: Aug 23 05:51:05 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7c6f452328548b006780bf20209c89a7ad785df9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:5c:ab:53:ec:c5:fb:fd:61:75:67:05:3c:2b:
                    ad:b7:e2:6e:36:19:9a:2d:cb:b7:f4:88:74:d2:61:
                    98:90:d2:03:3a:74:67:68:de:d1:a4:dd:bd:03:5f:
                    99:96:df:13:4e:8b:0f:27:6b:9f:b3:33:70:4d:6c:
                    b4:1d:00:34:3f:cf:58:91:1f:1e:55:f8:2c:54:f4:
                    9a:62:bc:e2:11:63:35:6c:e4:52:81:6a:af:6b:77:
                    8a:b7:fd:41:2d:fd:e5:45:28:7b:68:40:a0:8c:ef:
                    41:f1:bc:a0:63:5f:14:32:f7:5a:d5:a2:de:24:a7:
                    f8:8a:fe:52:a3:f1:18:c2:bf:fb:b2:e8:d3:62:db:
                    9e:f1:85:a1:c4:58:d6:03:9a:f0:fe:38:4b:7c:04:
                    ee:9f:3e:63:69:9f:ea:c8:e2:d6:28:72:d0:c8:49:
                    81:93:b8:e7:87:f1:f6:92:03:e9:7b:f7:bc:19:3e:
                    f9:5a:4a:21:7c:bc:9b:c2:25:ca:a7:9a:d1:d5:60:
                    e0:77:c9:09:1a:50:1f:28:6c:c2:1b:d2:8f:71:f2:
                    f9:c7:9e:3c:81:0f:c3:d3:2c:43:64:3c:5d:45:90:
                    c9:68:0c:ea:18:4e:5b:ce:6b:62:c7:4f:41:e3:a3:
                    8b:f9:a4:64:62:c0:b7:77:e9:91:dd:7b:a3:6f:49:
                    ce:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:6F:45:23:28:54:8B:00:67:80:BF:20:20:9C:89:A7:AD:78:5D:F9
            X509v3 Authority Key Identifier:
                keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fG9FIyhUiwBngL8gIJyJp614Xfk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.202.193.0/24
                  37.202.203.0/24
                  37.202.212.0/23
                  151.240.2.0/24
                  151.240.16.0/24
                  151.240.24.0/22
                  151.240.30.0/24
                  151.240.82.0/24
                  151.240.89.0/24
                  151.240.112.0-151.240.117.255
                  151.240.120.0/23
                  151.240.124.0/23
                  151.240.145.0/24
                  151.240.152.0/23
                  151.240.158.0/24
                  151.240.161.0/24
                  151.240.163.0/24
                  151.240.173.0/24
                  151.240.179.0/24
                  151.240.228.0/24
                  151.240.231.0-151.240.232.255
                  151.240.239.0/24
                  151.240.241.0-151.240.242.255
                  151.240.247.0/24
                  151.240.249.0-151.240.250.255
                  151.241.0.0/16
                  151.242.19.0/24
                  151.242.52.0/22
                  151.242.114.0/24
                  151.242.122.0/24
                  151.242.126.0/24
                  151.242.133.0/24
                  151.242.136.0/23
                  151.242.144.0/23
                  151.242.164.0/23
                  151.242.168.0/23
                  151.242.192.0/20
                  151.242.224.0/22
                  151.242.252.0/23
                  151.243.16.0/20
                  151.243.44.0/22
                  151.243.99.0-151.243.103.255
                  151.243.108.0/23
                  151.243.113.0/24
                  151.243.123.0/24
                  151.243.136.0/22
                  151.243.152.0-151.243.158.255
                  151.243.171.0/24
                  151.243.173.0/24
                  151.243.175.0/24
                  151.243.200.0/24
                  151.243.204.0/22
                  151.243.212.0/23
                  151.243.220.0/24
                  151.243.223.0/24
                  151.243.226.0/24
                  151.243.230.0/23
                  151.243.237.0/24
                  151.243.239.0/24
                  151.243.243.0/24
                  151.243.247.0-151.243.253.255
                  151.244.14.0/24
                  151.244.42.0/24
                  151.244.44.0/24
                  151.244.46.0/24
                  151.244.50.0/24
                  151.244.70.0/24
                  151.244.85.0/24
                  151.244.88.0/24
                  151.244.103.0/24
                  151.244.109.0/24
                  151.244.119.0-151.244.122.255
                  151.244.126.0/24
                  151.244.128.0/18
                  151.244.213.0-151.244.219.255
                  151.244.232.0-151.244.237.255
                  151.244.242.0-151.244.247.255
                  151.244.250.0-151.247.255.255

    Signature Algorithm: sha256WithRSAEncryption
         aa:b8:0c:5f:4a:9e:3a:42:de:d7:e9:33:9c:67:c2:54:6d:4d:
         b7:0b:12:6b:13:84:03:0a:0a:49:67:a3:0e:d0:5f:b0:57:70:
         e2:8a:79:06:6d:e6:64:af:bb:1c:91:4a:a7:5a:52:9e:72:c6:
         1a:21:4f:77:c6:9d:9d:63:38:83:87:9e:ed:c4:d0:eb:03:7e:
         70:a7:e2:df:09:d7:c3:d2:53:15:ca:6e:ac:49:95:10:26:fb:
         41:57:7b:0a:82:25:30:96:0e:a2:3c:5e:79:47:fc:b4:7b:a4:
         43:f6:8a:6c:49:6e:c7:53:7c:df:08:d4:2f:d4:fe:23:bc:c1:
         54:69:0d:78:41:8c:f4:cb:03:e8:13:e1:01:1e:71:01:e5:4f:
         54:40:f7:9a:02:4f:0b:27:3e:04:b5:59:d5:63:a3:79:3e:75:
         11:ef:1b:b0:c5:b5:27:32:03:49:43:d1:48:6d:bb:f4:5b:75:
         57:d1:63:e1:0e:02:cd:b7:bf:d0:44:a2:e2:33:db:d1:7a:55:
         02:ea:fe:b4:37:b6:64:c5:6e:4a:38:9c:5f:4c:ba:0d:0f:58:
         70:0a:24:be:dc:0f:00:6e:26:b0:f7:ba:2c:e4:ee:cf:5c:3d:
         21:01:b8:47:e6:95:32:da:64:58:2b:77:fa:64:b5:e5:89:82:
         14:49:b7:aa
-----BEGIN CERTIFICATE-----
MIIHMzCCBhugAwIBAgISAZjVewHRLr0BygObBys5XleEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIzMDU1MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzZmNDUyMzI4NTQ4YjAwNjc4MGJmMjAyMDljODlhN2FkNzg1ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81yrU+zF+/1hdWcFPCutt+JuNhma
Lcu39Ih00mGYkNIDOnRnaN7RpN29A1+Zlt8TTosPJ2ufszNwTWy0HQA0P89YkR8e
VfgsVPSaYrziEWM1bORSgWqva3eKt/1BLf3lRSh7aECgjO9B8bygY18UMvda1aLe
JKf4iv5So/EYwr/7sujTYtue8YWhxFjWA5rw/jhLfATunz5jaZ/qyOLWKHLQyEmB
k7jnh/H2kgPpe/e8GT75WkohfLybwiXKp5rR1WDgd8kJGlAfKGzCG9KPcfL5x548
gQ/D0yxDZDxdRZDJaAzqGE5bzmtix09B46OL+aRkYsC3d+mR3Xujb0nOAwIDAQAB
o4IEPzCCBDswHQYDVR0OBBYEFHxvRSMoVIsAZ4C/ICCciaeteF35MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZkc5Rkl5aFVpd0JuZ0w4Z0lKeUpwNjE0WGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICUwYIKwYBBQUHAQcBAf8EggJCMIICPjCCAjoEAgABMIIC
MgMEACXKwQMEACXKywMEASXK1AMEAJfwAgMEAJfwEAMEApfwGAMEAJfwHgMEAJfw
UgMEAJfwWTAMAwQEl/BwAwQBl/B0AwQBl/B4AwQBl/B8AwQAl/CRAwQBl/CYAwQA
l/CeAwQAl/ChAwQAl/CjAwQAl/CtAwQAl/CzAwQAl/DkMAwDBACX8OcDBACX8OgD
BACX8O8wDAMEAJfw8QMEAJfw8gMEAJfw9zAMAwQAl/D5AwQAl/D6AwMAl/EDBACX
8hMDBAKX8jQDBACX8nIDBACX8noDBACX8n4DBACX8oUDBAGX8ogDBAGX8pADBAGX
8qQDBAGX8qgDBASX8sADBAKX8uADBAGX8vwDBASX8xADBAKX8ywwDAMEAJfzYwME
A5fzYAMEAZfzbAMEAJfzcQMEAJfzewMEApfziDAMAwQDl/OYAwQAl/OeAwQAl/Or
AwQAl/OtAwQAl/OvAwQAl/PIAwQCl/PMAwQBl/PUAwQAl/PcAwQAl/PfAwQAl/Pi
AwQBl/PmAwQAl/PtAwQAl/PvAwQAl/PzMAwDBACX8/cDBAGX8/wDBACX9A4DBACX
9CoDBACX9CwDBACX9C4DBACX9DIDBACX9EYDBACX9FUDBACX9FgDBACX9GcDBACX
9G0wDAMEAJf0dwMEAJf0egMEAJf0fgMEBpf0gDAMAwQAl/TVAwQCl/TYMAwDBAOX
9OgDBAGX9OwwDAMEAZf08gMEA5f08DALAwQBl/T6AwMDl/AwDQYJKoZIhvcNAQEL
BQADggEBAKq4DF9KnjpC3tfpM5xnwlRtTbcLEmsThAMKCklnow7QX7BXcOKKeQZt
5mSvuxyRSqdaUp5yxhohT3fGnZ1jOIOHnu3E0OsDfnCn4t8J18PSUxXKbqxJlRAm
+0FXewqCJTCWDqI8XnlH/LR7pEP2imxJbsdTfN8I1C/U/iO8wVRpDXhBjPTLA+gT
4QEecQHlT1RA95oCTwsnPgS1WdVjo3k+dRHvG7DFtScyA0lD0Uhtu/RbdVfRY+EO
As23v9BEouIz29F6VQLq/rQ3tmTFbko4nF9Mug0PWHAKJL7cDwBuJrD3uizk7s9c
PSEBuEfmlTLaZFgrd/pkteWJghRJt6o=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:25:01 2025 by rpki-client